We performed a comparison between Microsoft Defender for Endpoint and Sophos EPP Suite based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The solution was relatively easy to deploy."
"The most valuable feature is the analysis, because of the beta structure."
"The price is low and quite competitive with others."
"Fortinet is very user-friendly for customers."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"It automatically detects intrusion and malware."
"Defender is stable enough and is competitive with the other products in the market."
"I am using it for very simple purposes. It is perfect and quite effective. I have been using it for a while, and I have never had any virus infection, data leak, or other security breaches. It works fine for standalone purposes. If you log on to OneDrive, it has ransomware protection."
"The main features of this solution are that it handles everything by itself and is well integrated."
"We had certain compliance and usage issues. For example, our company wanted to go with CIS, but we didn't have a proper way of measuring whether the endpoints have the right standards in place or whether they were compliant with CIS. Microsoft Defender was like a one-stop for most things because it gave us the vulnerability and patching scores so that our vulnerability management teams can focus on covering up the vulnerabilities and the patching team can check the vulnerable versions and deploy the right versions."
"The endpoint detection of threats is valuable. The initial detection of things like ransomware and viruses and being able to shut down machines immediately and stop a threat is valuable. We can stop a threat at a source versus allow it to propagate it across the network."
"One of the valuable features of the solution is the small updates that keep my machine relatively clean from any infections."
"We have just started to implement it. It is useful for protection from malware and ransomware."
"It is stable."
"The solution is easy to set up."
"With Sophos, the scanning of viruses and scanning of the disk is done silently in the background."
"The most valuable features of Sophos EPP Suite are the detection capability, machine learning, ransomware protection, and live response."
"Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"It's very simple to use. The managing of the endpoints is very easy."
"If you want something simple to work with, Sophos makes it very simple for you to use."
"The most valuable feature is the ability to centrally manage the total security environment, including the firewall."
"Cannot be used on mobile devices with a secure connection."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The SIEM could be improved."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"A concern is ransomware, whether people can penetrate and encrypt my data or steal my credit card/banking information."
"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
"The initial setup can be a bit complex."
"Reporting could be improved. I would like to see how many security incidents occurred in the last six months, how many devices were highly exposed to security risks, and how many devices were actually compromised."
"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."
"The solution could be even more secure and provide an even higher level of security."
"Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"Sophos EPP Suite demands significant resources just to operate. For example, it takes up more than 50% of the resources on our laptop to run it. So, even if we buy a laptop i7 and use 50% resources for Sophos, it will cost us more because every computer needs energy. I don't know why or what the exact problem is."
"I would like to have the capability to support legacy operating systems because the majority now don't support Windows XP, and Windows 2000."
"There could be more integration included in Sophos EPP Suite."
"There could be an equipment inventory feature for the solution."
"There are also issues with the compatibility of the OS. When using Sophos with Windows and devices, most of them work well, but as soon as we work with macOS and Linux, many issues arise that we do not want to have."
"The solution’s performance could be improved for the end-users."
"There could be enhancements made to the DLP."
"The user interface is not responsive."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Sophos EPP Suite is ranked 27th in Endpoint Protection Platform (EPP) with 52 reviews. Microsoft Defender for Endpoint is rated 8.0, while Sophos EPP Suite is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Sophos EPP Suite writes "The solution provides endpoint detection and response with a nice-looking dashboard". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas Sophos EPP Suite is most compared with Trend Micro Deep Security, Seqrite Endpoint Security, Coro, Trellix Endpoint Security and Xprotect . See our Microsoft Defender for Endpoint vs. Sophos EPP Suite report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
